Virus Killed My Harddrive-reformatted 3x+still Bad.

Discussion in 'Networking and Security' started by dsq, Dec 23, 2008.

  1. fyshy (Guest)

    Ubuntu is great
     
    #31     Jan 30, 2009
  2. Never thought I'd see the day, but I picked up a nasty one called seneka (AVG didn't even see it).

    Caused the computer to shut down randomly, with messages from a Microsoft prompt saying sorry, but there is an error and your computer must be shut down. It would then constantly shut down in a few seconds and reboot on its own.

    Took me a while to figure out it was truly a virus because it hid itself well. None of the general AVs cleaned it up very well. Not all AVs see the same problems; I used Malwarebytes and Panda online to finally detect it. But nothing really cleaned it very well; it would resurface.

    Then I found combofix! That thing will completely tear out viruses and rootkit crap like nobody's business-- but be careful, if you don't use it properly, you can have major problems. A lot of the online computer experts get pissed when people use combofix without supervision.

    If you are looking for rootkits, you can also check out www.gmer.com's catchme, which has some good and powerful tools as well (it's integrated into combofix).

    Never saw that shutdown problem again. And there were plenty of sites saying shutdowns could be due to overheating and auto protect features, blah blah; that wasn't it in this case.
     
    #32     Jan 30, 2009
  3. I do IT work, and 1st off, we have not seen any virus that has been able to destroy a hard drive.

    However, we have seen hard drives that were going bad, and also had a virus at the same time.

    As some have already said, it's really stupid not to back up your business on another hard drive.

    We have seen people come in with broken hard drives who have lost 3 years of their work.

    Considering how inexpensive an external hard drive is, you should try to not learn by making the mistake of not backing up your data.

    To back up your data, go to Windows Explorer, click on Documents and Settings, click on copy, then click on the drive letter for the external drive, and click on paste.

    You can also buy Ghost, which will back up the applications as well as the data.

    If you are doing well, you should really also have a 2nd computer so that when one goes down, you can use that one as a backup till you are back up and running.

    The best way to make money is to specialize in something. I don't fix my car. The people who bring in their computers to get fixed are very smart, for example doctors, who probably make more money than most of the people posting here. They know that their time is better spent doing their work. I have also worked for companies that make from $ million to $ billions. The CEO of the company is not going to sit at his desk and fix his computer himself.

    Some of them don't even have their own computer. I worked for one company where the CEO had this giant glass room with a great view and 3 beautiful women working outside answering his e-mails for him.
     
    #33     Jan 31, 2009
  4. wow... My dad worked for IBM back in the day. I built my first PC in 1986 from a pile of parts. I used to be better but now with XP and newer technology I have enough know-how to get myself into trouble, although once I learn something it's usually easier than I thought.

    I would believe that a virus could "over spin" an HDD and then slam on the brakes - but then the HDD would be beyond repair so your buddy who "fixed it" sounds sketchy.

    Same with overheating - these things are hunks of wires, plastic, metal, magnets and other stuff - if a virus tells a fan to shut off and a HDD, MB or other fails - it's usually dead.

    Mechanical parts don't just break then come back from the dead, they either work or they don't work.

    As others have said I would try to delete your partitions and reformat (not the quick way). On another note - a new HDD is under $100, why not start fresh?

    Put the XP system disk in and let it boot from CD, delete the existing partitions and format the drive with a full format. Should be fine.

    OP - I'm late coming in to this - have you gotten it sorted yet?
     
    #34     Feb 2, 2009
  5. wonder if the free Microsoft safety scanner online would have caught this virus, or if it's not updated often enough with new virus definitions
     
    #35     Feb 4, 2009
  6. JA_LDP

    yeah. Live OneCrap catches everything.
     
    #36     Feb 4, 2009
  7. I hope you are a better blackjack player than you are a computer specialist! Try this:

    1.) Download a copy of gnoppix
    2.) Boot your machine off the bootable cd
    3.) Open up a terminal
    4.) Run the following command "df -k<enter>"
    5.) See what "partition" is labeled for your Microsoft drive - may be something like /dev/sda1 or /dev/hda1
    6.) Using the info from step 5 run the following command (as root user - figure out how to become root user if necessary):
    dd if=/dev/zero of=/dev/sda bs=1024 count=1051668

    7.) Come back and tell the rest of us about that beautiful drink coaster you now have

    On most modern drives "track 0" holds information about the geometry of the drive - how many sectors, heads, cylinders, where the bad sector list is, etc. Wipe out that stuff and your drive will no longer know what type of drive it actually is! This may not be "damaging" the platters, but the result is the equivalent - back in the old days you could send the heads so close to the spindle that it couldn't come back to track 0 - end of drive. In the day you could also smoke a monitor by playing with the refresh rates for the card - too fast a refresh rate and bye bye monitor - but that was in the old days - but, you can still smoke the drive with the commands above.

    -gastropod
     
    #37     Feb 5, 2009
  8. I had a virus problem which crashed XP horribly and wouldn't go away after multiple formats either. After trying NOD, Symantec, McAfee the only thing that helped was the avast pre-boot scan.
     
    #38     Feb 6, 2009
  9. No. dd'ing an entire disk (or at least the beginning, if you don't want to wait for a long time) with zeroes is exactly what you want to do if you have an infected MBR. And we do this when we need to redeploy a disk to hold a different OS or to be in a different RAID box.

    You are still living in the days of SMD drives. SCSI and ATA drives keep their bad sector list in an area that can only be accessed by special commands, not ordinary read and write commands.

    The c/h/s numbers are mostly fiction, because since the 1990s disks have had a variable number of sectors per track, more on the outer tracks than the inner tracks, and are linearly addressed. c/h/s is just for the benefit of the BIOS and OS, and can be anything you want, although s is generally limited to 63 and of course the product should be as close as possible to the number of sectors on the disk so as not to waste space. In any case, fdisk can set up a new MBR with the appropriate c/h/s values.

    The OS keeps a bad sector list, but this is specific to the OS and the filesystem type and is not kept in sector 0 of the drive. Even back in SMD days, if bad sectors could not be "slipped", the mapping used by most OS's used DEC standard 144, which put the table (and the bad sectors) in the first few tracks of the last cylinder of the drive.
     
    #39     Feb 13, 2009
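
Added example, not part of any poster's message: a read-only Python parser for the 512-byte MBR layout discussed in the post above, showing the packed c/h/s fields beside the linear (LBA) fields and what a zeroed first sector looks like before a new MBR is written. The sample sector, its partition values and the function names are constructed for illustration.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446       # four 16-byte partition entries start here
SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR


def decode_chs(raw):
    """Unpack the 3-byte packed CHS field into (cylinder, head, sector)."""
    head, sec_cyl, cyl_low = raw
    return (((sec_cyl & 0xC0) << 2) | cyl_low, head, sec_cyl & 0x3F)


def parse_mbr(sector):
    """Return signature status, boot-code state and non-empty partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector[TABLE_OFFSET + 16 * i: TABLE_OFFSET + 16 * (i + 1)]
        status, chs_a, ptype, chs_b, lba, count = struct.unpack("<B3sB3sII", entry)
        if ptype == 0:  # type 0 marks an unused slot
            continue
        parts.append({"slot": i, "bootable": status == 0x80, "type": ptype,
                      "chs_start": decode_chs(chs_a), "chs_end": decode_chs(chs_b),
                      "lba_start": lba, "sectors": count})
    return {"signature_ok": sector[510:512] == SIGNATURE,
            "boot_code_zeroed": not any(sector[:TABLE_OFFSET]),
            "partitions": parts}


def build_sample_mbr():
    """Constructed sample: one bootable NTFS (0x07) partition on a large disk."""
    entry = struct.pack("<B3sB3sII", 0x80, bytes([1, 1, 0]), 0x07,
                        bytes([254, 0xFF, 0xFF]), 63, 156296322)
    boot_code = b"\xeb\x3c\x90" + b"\x00" * (TABLE_OFFSET - 3)  # placeholder bytes
    return boot_code + entry + b"\x00" * 48 + SIGNATURE


if __name__ == "__main__":
    # Compare a populated MBR with a first sector that has been zeroed.
    for name, sector in (("sample", build_sample_mbr()), ("zeroed", bytes(512))):
        print(name, parse_mbr(sector))
```

In the sample, the ending c/h/s field is pinned at its maximum of (1023, 254, 63) while the LBA start and sector count carry the real extent; the zeroed sector parses as no signature, no boot code and no partitions.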
  10. edil

    If you are not sure what got to your hd, use this: http://en.wikipedia.org/wiki/Darik's_Boot_and_Nuke

    For security reasons, you may also consider using this before discarding that old hd.

    It will completely wipe out any trace of data pattern on your hd.
    Including any porn traces. :D
     
    #40     Feb 13, 2009